CyberSec.Space Logo
Back to CVE Browser

CVE-2009-4927

HIGH
7.5
CVSS Severity Score
EPSS Score0.1870%
EPSS Percentile30.30th
PublishedJul 12, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as demonstrated by setting this cookie to 1.

Affected Platforms (CPE)

πŸ“¦
Webmobo

Wbnews

= 2.1.2

References & Advisories

πŸ”— http://secunia.com/advisories/34822
πŸ”— http://www.exploit-db.com/exploits/8492
πŸ”— http://www.securityfocus.com/bid/34609
πŸ”— http://secunia.com/advisories/34822
πŸ”— http://www.exploit-db.com/exploits/8492
πŸ”— http://www.securityfocus.com/bid/34609

Related Vulnerabilities

CVE-2006-02415.0

Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via ...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-049210.0

Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerabilit...

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...